toasters

toasters@lists.teaparty.net

13520 discussions

Re: Virus
by yann.golanski＠ThePLAnet.net 17 Jun '99

17 Jun '99

Quoting Mark D Fowle <Fowle_Mark_D(a)CAT.com>: > Our NT Administrator wants to know how to protect the NetApps from viruses. > Unlike running on an NT server he > says he can't autoprotect data. Does anyone know how this might be done? Two ways. Use exim as a mail agent (yes, that DOES involve having a *nix box) and set a filter so that all attachemtn that match a list are `canned' or frozen. Then he can look thrugh them and only allow those he knows are not viruses. Of course, a list of known viruses can be set up to send the mail to /dev/null. The second: move to *nix. Check out VMware as a way to migrate. Remeber the filer is an appliance. It stores data. That's it. The security needs to come from somewhere else. -- Yann Golanski Internet Systems Developer yann.golanski(a)theplanet.net The Planet Online

1 0

RE: CIFS and the MaxMpxCt parameter
by Muhlestein, Mark 16 Jun '99

16 Jun '99

We have a fix for that in 5.3D14. The value is set via the cifs.max_mpx option, which has a maximum of 255, same as NT. Mark Muhlestein -- mmm(a)netapp.com -----Original Message----- From: Graham C. Knight [mailto:grahamk@ast.lmco.com] Sent: Wednesday, June 16, 1999 3:12 PM To: toasters(a)mathworks.com Subject: CIFS and the MaxMpxCt parameter We have a windows NT terminal server that servers out up to 60 Windows NT sessions at a time. The Windows NT people are complaining because after a certain amount of connections to our filer they start getting errors that look like this: "\\filername is not accessible. The remote procedure call failed and did not execute." So, they opened a call with Microsoft, and after 3 or 4 days of wrangling Microsoft has told them that the MaxMpxCt needs to be increased on the file server. Well, i can find no reference to this anywhere in NetApp's documentation, so i'm figuring that this is a Windows NT server thing and that it has nothing to do with a filer. But i don't know for sure, or if there is something else i can set that does the same type of thing. Here's the blurb from M$. Any ideas? Cause: During negotiation of the SMB dialect, the MaxMpxCt parameter (NT server registry, option in NetApp filer?) is passed to the client's (Terminal Server's) redirector where the limit of outstanding network requests is enforced. Explorer makes extensive use of directory notifications, resulting in a number of NTNotifyDirectoryChange SMBs being sent to the server (NetApp filer). This SMB request is classified as a long term request and is received by the server but not sent back until a change occurs. When several clients connect to the Terminal Server, the number of outstanding commands against the server can exceed the default maximum of 50. If this situation arises, other SMB requests will wait in the redirector until previous requests complete, timeout, or are cancelled. Resolution: Increase the MaxMpxCt parameter on the remote server to allow more simultaneous SMB connections. Thanks, Graham

1 0

CIFS and the MaxMpxCt parameter
by Graham C. Knight 16 Jun '99

16 Jun '99

We have a windows NT terminal server that servers out up to 60 Windows NT sessions at a time. The Windows NT people are complaining because after a certain amount of connections to our filer they start getting errors that look like this: "\\filername is not accessible. The remote procedure call failed and did not execute." So, they opened a call with Microsoft, and after 3 or 4 days of wrangling Microsoft has told them that the MaxMpxCt needs to be increased on the file server. Well, i can find no reference to this anywhere in NetApp's documentation, so i'm figuring that this is a Windows NT server thing and that it has nothing to do with a filer. But i don't know for sure, or if there is something else i can set that does the same type of thing. Here's the blurb from M$. Any ideas? Cause: During negotiation of the SMB dialect, the MaxMpxCt parameter (NT server registry, option in NetApp filer?) is passed to the client's (Terminal Server's) redirector where the limit of outstanding network requests is enforced. Explorer makes extensive use of directory notifications, resulting in a number of NTNotifyDirectoryChange SMBs being sent to the server (NetApp filer). This SMB request is classified as a long term request and is received by the server but not sent back until a change occurs. When several clients connect to the Terminal Server, the number of outstanding commands against the server can exceed the default maximum of 50. If this situation arises, other SMB requests will wait in the redirector until previous requests complete, timeout, or are cancelled. Resolution: Increase the MaxMpxCt parameter on the remote server to allow more simultaneous SMB connections. Thanks, Graham

1 0

Re: Data Ontap 5.3 and snapshots
by Jason D. Kelleher 16 Jun '99

16 Jun '99

In message <199906162020.NAA14794@tooting>, Guy Harris writes: >> >Has anyone fond a quick way to touch all CIFS shares and directories on >the >> >filer to convert the directories immediately to Unicode so all snapshots >> >thereafter are clean? >> >> From UNIX: >> >> find /filer_root -name .snapshot -prune -o -name SOMETHING_THAT_W >ONT_MATCH -print > >That works only if your UNIX box is a Linux box using "smbfs" to access >the filer (and I have the impression that may not work), or you have >some other UNIX client that uses CIFS rather than NFS. > >Otherwise, they'll be NFS accesses, which don't cause directory >conversion. NFS access triggers conversion with ONTAP 4.0 or later, unless I'm misreading the 5.3 docs. Check here: http://now.netapp.com/knowledge/docs/ontap/rel53/html/sag/multi12.htm Of course this could be wrong, wouldn't be the first error in the 5.3 documentation. BTW, when does NetApp plan on releasing non-ambiguous docs for second level virtual interfaces? jason

2 1

Re: Data Ontap 5.3 and snapshots
by Jason D. Kelleher 16 Jun '99

16 Jun '99

In message <000101beb7fa$c40f32f0$08ffa8c0(a)ossmball.rtp.opensystems.com>, "M ike Ball" writes: [...] >Has anyone fond a quick way to touch all CIFS shares and directories on the >filer to convert the directories immediately to Unicode so all snapshots >thereafter are clean? From UNIX: find /filer_root -name .snapshot -prune -o -name SOMETHING_THAT_WONT_MATCH -print From a Win box: Start file manager and do a search for "SOMETHING_THAT_WONT_MATCH" with the "Start From" being the root of the filer. That should do it. jason

2 1

Re: Virus
by Graham C. Knight 16 Jun '99

16 Jun '99

Mark D Fowle wrote: > > Our NT Administrator wants to know how to protect the NetApps from viruses. > Unlike running on an NT server he > says he can't autoprotect data. Does anyone know how this might be done? > > Mark Fowle > Caterpillar-BCP We run Mcafee virus scans on our filers nightly with very good results. We created a username in NT that maps to root on the filer and let it rip. Initially i was concerned with the mix of Unix and NT files on our volumes confusing the virus scanner, but after a lot of testing I'm satisfied that it's not a problem. GRaham

2 2

Re: Data Ontap 5.3 and snapshots
by Joan Pearson 16 Jun '99

16 Jun '99

As another has mentioned, from the Windows client start a Find in the root directory. All directories will be converted to unicode format as they are traversed. By default, new directories created from CIFS are in unicode format. If you want to ensure all directories created from NFS are also in Unicode format, set the wafl.create_ucode option to True. You may be able to access your unconverted snapshot directories from NFS. Joan Pearson At 06:18 AM 6/16/99 , you wrote: >I have noticed in snapshots taken since I upgraded to 5.3, I am receiving >"access is denied" on various directories in the snapshots. > >This is due to the directories not being converted to Unicode as they have >not been accessed since the upgrade. I understand with 5.3, until a CIFS >directory is accessed it is not converted to Unicode. The problem I have >hear is I had some corrupted files last week in one of my directories on my >filer. When I went back to recover from any of the previous snapshots taken >since the 5.3 upgrade, I received "Access is denied" since those directories >where never touched since the 5.3 upgrade and therefore never converted to >Unicode. > >Has anyone fond a quick way to touch all CIFS shares and directories on the >filer to convert the directories immediately to Unicode so all snapshots >thereafter are clean? > Thank you, > Mike >

1 0

RE: Virus
by Muhlestein, Mark 16 Jun '99

16 Jun '99

If by "autoprotect data" you mean run a server-based scan, that is correct, the filer does not have a built-in virus scanner. However, there are good reasons why you don't want to do that. One obvious reason is that the filer would be slowed down because every file access requires the virus scanner to get involved, which penalizes all users. It is much better to do the scanning on the clients since that has the correct scaling properties. You should have virus scanning software loaded on all your clients, but you should also have one or more clients run periodic on-demand scans of the filer data. There are several advantages to running the scans from standard PC clients, not least of which is the rapid availability of updated versions to catch the latest viruses. Another advantage is that with multiple PC clients you can parallelize the scans, which can be a great timesaver if you have a large amount of data to scan. You should also make sure your NT administrator understands the advantages of snapshots, which can be used to very good effect when a new virus is found for which there is no anti-virus software yet. And, of course, the filer is not directly susceptible to viruses because it does not run general applications. Overall, I'd say the filer has a very good anti-virus story compared to NT server. Mark -----Original Message----- From: Mark D Fowle [mailto:Fowle_Mark_D@CAT.com] Sent: Wednesday, June 16, 1999 7:03 AM To: toasters Subject: Virus Our NT Administrator wants to know how to protect the NetApps from viruses. Unlike running on an NT server he says he can't autoprotect data. Does anyone know how this might be done? Mark Fowle Caterpillar-BCP

1 0

Virus
by Mark D Fowle 16 Jun '99

16 Jun '99

Our NT Administrator wants to know how to protect the NetApps from viruses. Unlike running on an NT server he says he can't autoprotect data. Does anyone know how this might be done? Mark Fowle Caterpillar-BCP

1 0

Data Ontap 5.3 and snapshots
by Mike Ball 16 Jun '99

16 Jun '99

I have noticed in snapshots taken since I upgraded to 5.3, I am receiving "access is denied" on various directories in the snapshots. This is due to the directories not being converted to Unicode as they have not been accessed since the upgrade. I understand with 5.3, until a CIFS directory is accessed it is not converted to Unicode. The problem I have hear is I had some corrupted files last week in one of my directories on my filer. When I went back to recover from any of the previous snapshots taken since the 5.3 upgrade, I received "Access is denied" since those directories where never touched since the 5.3 upgrade and therefore never converted to Unicode. Has anyone fond a quick way to touch all CIFS shares and directories on the filer to convert the directories immediately to Unicode so all snapshots thereafter are clean? Thank you, Mike

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

toasters